Friday, June 18, 2021

750 million phones jeopardized by SIM card flaw

A weakness in SIM card encryption technology could allow attackers to snoop on mobile phone conversations, according to a Berlin-based security researcher.

No less than 750 million mobile handsets are affected by the flaw which allows hackers to obtain a SIM card’s 56-digit key that facilitates modification of the card, said Karsten Nohl, founder of Security Research Labs. Nohl told reporters he was able to carry out such a hack in just “two minutes using a standard PC.”

Among the things a potential hacker can do, one a SIM card’s digital key is cracked are:

  • Read data embedded on the SIM
  • Install software on the handset that runs independently of the phone
  • Steal data from the SIM card
  • Steal personal information
  • Eavesdrop on phone conversations
  • Alter account information

The vulnerability was found in the Digital Encryption Standard, a cryptographic method developed by IBM in the 1970s and used in billions of phones today.


Mobile malware threats increasing
Security in medical devices questions

The encryption method has been enhanced in the past decades since then but many handsets still use the old standard. A test showed that 1,000 SIM cards in Europe and North American shows signs of the flaw.

Read the whole story here



Would you recommend this article?



Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada

Related Tech News